1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
#![no_main]
use libfuzzer_sys::fuzz_target;
use arbitrary::Arbitrary;
use zears::Aez;
#[derive(Debug, Arbitrary)]
struct Parameters<'a> {
key: &'a [u8],
nonce: &'a [u8],
ad: Option<&'a [u8]>,
tau: u32,
message: &'a [u8],
}
fuzz_target!(|data: Parameters| {
// Limitations stem from AEZ's underlying C library
if data.nonce.len() >= 1
&& data.nonce.len() <= 16
&& data.ad.map(|x| x.len()).unwrap_or(0) <= 16
&& data.tau <= 16
&& data.message.len() <= u32::MAX.try_into().unwrap()
&& (!data.message.is_empty() || data.tau > 0)
{
let ad = match data.ad {
Some(ad) => &[ad] as &[&[u8]],
None => &[],
};
let actual = Aez::new(data.key).encrypt(data.nonce, ad, data.tau, data.message);
let mut expected = vec![0; data.message.len() + data.tau as usize];
aez::Aez::new(data.key).encrypt(data.nonce, data.ad, data.message, &mut expected);
assert_eq!(actual, expected);
}
});
|
